Search code examples
javascriptoutlook-web-addins

Permission Denied when Open Add-In on microsoft Outlook 2013 App with selected signed Message

On Microsoft Outlook 2013 Application when a user clicks on the Add-in icon/button and he has selected a message that is signed, he'll get a Permission denied error.

After some researches we found the documentation related to this issue:

https://learn.microsoft.com/en-us/outlook/add-ins/

Mailbox items available to add-ins Outlook add-ins are available on messages or appointments while composing or reading, but not other item types. Outlook does not activate add-ins if the current message item, in a compose or read form, is one of the following:

  • Protected by Information Rights Management (IRM), in S/MIME format or encrypted in other ways for protection. A digitally signed message is an example since digital signing relies on one of these mechanisms.
  • A delivery report or notification that has the message class IPM.Report.*, including delivery and Non-Delivery Report (NDR) reports, and read, non-read, and delay notifications.
  • A draft (does not have a sender assigned to it), or in the Outlook Drafts folder.
  • A .msg or .eml file which is an attachment to another message.
  • A .msg or .eml file opened from the file system.
  • In a shared mailbox, in another user's mailbox, in an archive mailbox, or in a public folder.
  • Using a custom form.

Our questions:

  1. Will it be possible to activate the add-in on Outlook 2013 with a signed message (does any workaround exists)?

  2. To warn our Add-In user that Outlook 2013 is not supported, we want to differenciate the Outlook 2013 and 2016 version, how can we do this in javascript using microsoft mailbox api?

(Set requirement version in manifest has been already done, but outlook 2013 and 2016 share the same version, so we can only deactivate both or keep both.)

Thank you for your help!

Best Regards,

============================================================================

A solution could be handle with MS

Here a little resume:

Actually, we sent tree time the add-in to the validation team. Every time, we get the same error in the report about the compatibility of our Add-in (“4.12.1 Your app or add-in must be fully functional with the supported operating systems, browsers, and devices for Office 2013, Office 2016, SharePoint 2013, and Office 365 “). This requirement is actually not accomplish because our Add-in cannot be opened in Microsoft Outlook 2013.

Outlook 2013 cannot open add-in when a signed message is selected. This bug is known by Microsoft and will not be fix in the future. Only security patches will be done on Outlook 2013. This means, to accomplish the requirement, Outlook 2013 should not figure in the supported version in the manifest. The problem is, if we want to exclude the Outlook 2013 version, we need to change the mailbox API version in the manifest and if we deal this upgrade, we will lose not only Outlook 2013 but also Outlook 2016. Losing Outlook 2016 won’t be a good solution on our side and this is preventing us to accomplish the requirements.

We had different points/questions for the support team. Here you can find our question with the corresponding response from the MS Support team.

• Will it be possible to activate the add-in on Outlook 2013 with a signed message (does outlook 2013 does not allow any workaround exists)? There is no way to activate the addin in signed messages in Outlook 2013, however the add-in button is displayed on such messages, which is something the addin cannot control. This behavior is by design in Outlook 2013, given that Outlook 2013 is in extended support, only security updates are addressed.

• To warn our Add-In user that Outlook 2013 is not supported, we want to differenciate the Outlook 2013 and 2016 version, how can we do this in javascript using microsoft mailbox api? The way to differentiate if the addin is activated in Outlook 2013 is to use the diagnostics namespace as indicated on the documentation:https://learn.microsoft.com/en-us/office/dev/add-ins/reference/objectmodel/requirement-set-1.5/office.context.mailbox.diagnostics Outlook 2013 will return hostVersion 15xxxx, Outlook 2016 will return 16xxx.

To be sure, to have the best error handling as possible, we added a version differentiation and an error message for the user that are using outlook 2013. Sadly, this error is never shown because the Add-in does not open in Outlook 2013 and show the MS error message.

MS Support Team could validate the described behavior above and hopes we can find an agreement with the validation team to be able to accomplish the Add-in publication.

As discussed on our first iteration in this case, raising the requirements to 1.4, will have the consequence of losing the Outlook 2016, which is not desired by your development team, therefore, and since there is no control on the manifest if the addin is activated or not in Outlook 2013, the only possible way to prevent error in Outlook 2013, given that signed messages use in addin is not possible, is to show a message and prevent functionality of your addin to proceed on Outlook 2013. As discussed, there is no further support we can offer on this matter, as our options have been exhausted on the Outlook possibilities in regards to Outlook 2013. Our advice is to continue this discussion with the Application store Team, in order to facilitate a solution to this, without having to incresse the minimum required version to 1.4.

Agreement has been found with MS Validation team!

Solution

  • There is no way to activate an addin on outlook 2013 for signed messages. As for differentiating between outlook 2013 and 2016 builds, you can use the Office.context.mailbox.diagnostics.hostVersion API. For 2013 builds the build number starts with a 15.xx and for 2016 it starts with 16.xx